ZAP evangelists - feedback needed

[Simon Bennetts]

Hey evangelists,

Thank you for your continued support for ZAP - it really means a lot to us.

I have just one question for you right now...

What could we do to make ZAP better for the people you are evangelizing to?

It could be big things, small things, new features, improved existing ones, specific bug fixes, better docs, whatever you think will make the most difference.

Feel free to reply to this thread or email me directly.

And remember that you don't actually need to wait to be asked - the feedback you can give to us about ZAP is really useful so let us know whenever you have some!

Many thanks,

Simon

[johanna curiel curiel]

Hi Simon

I'm trying to introduce ZAP as a tool for developers can use to "catch low hanging fruits", I had a meetup in Amsterdam recently with this attempt.

But as I went ta long with my devs colleagues , many need to understand "what are " the low hanging fruits and how to use ZAP for this purpose, which can be quite different that pen testing. Such as using secure software development lifecycle and catch the low fruits before the pen testers does. Noticed many developers and testers found this idea very appealing because they want to deliver quality, most especially when a company is really into using Secure SDLC. Let's say is ore about security testing which is not equal to pen testing.

I'm working on a doc for this purpose and I'll share it through the owasp wiki.

Cheers

--
You received this message because you are subscribed to the Google Groups "OWASP ZAP Evangelists Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-evangelists+unsub...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Johanna Curiel 

OWASP Volunteer

[psiinon]

Thanks Johanna - I think that this is a great way to use ZAP, and we should def improve our documentation around this.

Looking forward to your doc :)

Cheers,

Simon

To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-evangelists+unsubscribe...@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Johanna Curiel 

OWASP Volunteer

--

OWASP ZAP Project leader

[Omer Levi Hevroni]

I feel the same - I find it hard to explain to people what Zap can find. The list of rules is not always easy to find, or clear enough, The mapping to the top 10 is a great start, I think what missing is an updated list of all the potential issues Zap can find. 

To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-evangel...@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Johanna Curiel 

OWASP Volunteer

--

OWASP ZAP Project leader

--

You received this message because you are subscribed to the Google Groups "OWASP ZAP Evangelists Group" group.

To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-evangel...@googlegroups.com.

[Amit Kulkarni]

Hi Simon,

Agree, to add or mention the "low hanging fruits" ZAP can find.

Also, I would like to add -  to update the doc and mention clearly to pass "API Key Parameter" for any api calls. Lot of Import error will get resolved on group threads :)

Regards,

Amit

To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-evangelists+unsub...@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Johanna Curiel 

OWASP Volunteer

--

OWASP ZAP Project leader

--
You received this message because you are subscribed to the Google Groups "OWASP ZAP Evangelists Group" group.

To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-evangelists+unsub...@googlegroups.com.